[PLUG] How to confirm my router is safe
Louis Kowolowski
louisk at cryptomonkeys.org
Tue Apr 24 22:21:01 UTC 2018
On Apr 24, 2018, at 4:26 PM, Rich Shepard <rshepard at appl-ecosys.com> wrote:
>
> On Tue, 24 Apr 2018, Dick Steffens wrote:
>
>> OPB has an article about router vulnerability.
>> https://www.opb.org/news/article/npr-sounding-the-alarm-about-a-new-russian-cyber-threat/
>>
>> It recommends following your router manufacturer's guidance on making sure
>> the router is secure. It doesn't say specifically what to search for. I
>> have a Buffalo WZR-600DHP running OpenWrt LuCI, Attitude Adjustment 12.09.
>> What foo should I use to determine what version of firmware I should be
>> running to be reasonably secure?
>
> Dick,
>
> Brian Krebs had a blog post on this a while ago. The key thing to do --
> unless I'm badly mistaken -- is to change the admin's password from the
> factory default. If your LAN is on a different class C subnet, change the
> router's IP address from the standard 192.168.1.1 to an address on your
> subnet.
>
> And, while risking the wrath of Russell, limit access to the MAC addresses
> of your local hosts that will access it via radio.
>
I'd also run by https://www.grc.com/x/ne.dll?bh0bkyd2 <https://www.grc.com/x/ne.dll?bh0bkyd2> and make sure it doesn't find anything.
Also, as somebody else suggested, keep your firmware updated. What ever is the most recent "stable" train is what you want. I'd suggest making it a quarterly check to ensure things stay up to date.
--
Louis Kowolowski louisk at cryptomonkeys.org <mailto:louisk at cryptomonkeys.org>
Cryptomonkeys: http://www.cryptomonkeys.com/ <http://www.cryptomonkeys.com/>
Making life more interesting for people since 1977
More information about the PLUG
mailing list